CVE-2025-24887

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-24887

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-24887.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-24887

Aliases

GHSA-8262-pw2q-5qc3

Published

2025-04-30T18:27:24.530Z

Modified

2025-12-05T08:53:12.963153Z

Severity

6.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L CVSS Calculator

Summary

OpenCTI bypass of protected attribute update

Details

OpenCTI is an open-source cyber threat intelligence platform. In versions starting from 6.4.8 to before 6.4.10, the allow/deny lists can be bypassed, allowing a user to change attributes that are intended to be unmodifiable by the user. It is possible to toggle the external flag on/off and change the own token value for a user. It is also possible to edit attributes that are not in the allow list, such as otp_qr and otp_activated. If external users exist in the OpenCTI setup and the information about these users identities is sensitive, the above vulnerabilities can be used to enumerate existing user accounts as a standard low privileged user. This issue has been patched in version 6.4.10.

Database specific

{
    "cwe_ids": [
        "CWE-284",
        "CWE-657"
    ],
    "cna_assigner": "GitHub_M",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/24xxx/CVE-2025-24887.json"
}

References

Affected packages

Git / github.com/opencti-platform/opencti

Affected ranges

Type: GIT
Repo: https://github.com/opencti-platform/opencti
Events: Introduced

7d5bb142deacc08e89aadcedfe2ebcb62427dcdf

Fixed

38898481dc550a63d32e4e00a5a10d7b5f714e87

Affected versions

6.*

6.4.8

6.4.9

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-24887.json"